<?php
include("connect/connect_dsccmis.php");
// Date in the past
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
// always modified
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
// HTTP/1.1
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
// HTTP/1.0
header("Pragma: no-cache");
//XML Header
header("content-type:text/xml");

//$userid=$_POST["userid"];
$email=$_POST["email"];
$pwd=$_POST["pwd"];
$newpwd=$_POST["newpwd"];
$newpwd2=$_POST["newpwd2"];

//mysql_query("set names utf8");
$sql="select email from user where email='$email' and pwd='$pwd'";
$result=mysql_query($sql);
$num_row=mysql_num_rows($result);
if($num_row==0){
	$message="0:รหัสผ่านเดิมไม่ถูกต้อง";
}else{
	//mysql_query("set names utf8");
	$sql="update user set pwd='$newpwd' where email='$email'";
	$result=mysql_query($sql);
	$message="1:เปลี่ยนรหัสผ่านเสร็จเรียบร้อย";
}
echo $message;
?>
